Comparison with legacy password managers
Hardware encryption
Confirmation with smartphone or security key instead of cumbersome master password
Learn more
Brute force protection
The use of security chips for encryption provides hardware-based brute force protection
Learn more
Login usability
Simply log in with one click instead of laboriously selecting the right account from a drop-down menu
Learn more
Data protection & hosting
As a German company, all data is stored exclusively in the EU
Learn more
Usability of TOTP codes
Complete automation of the entry of TOTP codes during the login process
Learn more
2-factor security
True 2-factor security as part of our security architecture instead of optional 2-factor authentication
Learn more
Smartphone replaces the master password
Employees can conveniently confirm their login process via a swipe-to-login function in our iOS or Android app. For those without a smartphone, we offer support for FIDO2 security keys, which can be used in a similar way to USB sticks.
Legacy Password Manager
(1Password, Dashlane, LastPass,…)
Enter 16-digit master password
Single Point of Failure
28% also use their master password on websites
Time wasted typing: 30 min/month/employee
Simply confirm via smartphone
2-factor safe due to presetting
Hardware-safe due to security chip
30% faster login with one click
Better login experience for non-IT employees
Simply log in with one click instead of laboriously selecting the right account from a drop-down menu. This reduces the mental load when browsing and makes logging in extremely easy, even for non-IT employees.
Legacy Password Manager
(1Password, Dashlane, LastPass,…)
3-step login
Several clicks necessary
Confusing user guidance
Not directly visible which accounts are available
1-step login
1-click login
Reduction of the mental load
Direct overview of all accounts
2-factor automation with TOTP
Thanks to the simple setup and automatic TOTP entry, typing is no longer necessary. So you can easily activate 2-factor for your important accounts, heylogin does the work for you.
3-step TOTP
Independent authenticator app
Manual entry of the 6-digit code under time pressure
No account sharing possible with TOTP
0-step TOTP
Integration of TOTP in heylogin
Automatic entry of the code, without any interaction
Accounts with TOTP can be shared in a team
Start now with heylogin
Real 2-factor security
With legacy password managers, the 2nd factor is not activated by default and is not part of the vault encryption, but only an authentication to the cloud. With heylogin, the 2nd factor is active by default and part of the encryption.
Legacy Password Manager
(1Password, Dashlane, LastPass,…)
2nd factor is useless
2nd factor is a cloud authentication and not part of the vault encryption
2nd factor is often a TOTP code that is typed in manually
2nd factor is optional and typically not activated
Real 2-factor security
2nd factor is part of the vault encryption
2nd factor can be chosen freely
2-factor secure by default
Schutz gegen Brute-Force-Angriffe
Wenn Tresore durch einen Einbruch in die Cloud gestohlen werden, hat der Angreifer unbegrenzt viele Versuche das Master-Passwörter automatisiert zu erraten. Im Vergleich dazu, muss der Angreifer bei heylogin den Sicherheitschip physisch klauen und hat nur eine begrenzte Anzahl an Versuchen die richtige PIN zu raten. Das sind bei iOS beispielsweise 9 Versuche bevor das Gerät vollständig blockiert.
Herkömmliche Passwort-Manager
(1Password, Dashlane, LastPass,…)
Offline Brute-Force-Angriff möglich
Angriff kann Remote durchgeführt werden (skaliert!)
Unbegrenzte Versuche das Master-Passwort zu raten
⌀ 100 EUR Kosten um 12-stelliges Master-Passwort zu knacken
Sicherheitschip und 2. Faktor erforderlich
Angreifer muss physisch die Geräte der Opfer klauen (skaliert nicht!)
Begrenzte Versuche die PIN zu raten (9 Versuche bei iOS)
Kosten des Angreifers: unbezahlbar
Europäische Entwicklung & Datenschutz
Unsere Software ist ein Vertrauens- und Sicherheitsprodukt, darum verzichten wir auf Marketing-Datenerhebung in unserem Produkt. Zusätzlich verpflichten wir uns als deutsches Unternehmen, alle personenbezogenen Daten ausschließlich in der EU zu speichern.
Amerikanische Lösungen
Entwicklung und Hosting größenteils in den USA
Mangelnde DSGVO-Compliance
Schlechte Support-Erreichbarkeit
Made and hosted in Europe
Entwicklung und Hosting ausschließlich in Europa
100% DSGVO-konform
Direkter Support aus Deutschland
heylogin integriert sich ohne Aufwand in die existierende IT-Landschaft
heylogin funktioniert mit allen Geräten, Webseiten und Browsern
Ein Login kann per iOS und Android-App bestätigt werden, es besteht aber auch die Möglichkeit FIDO2-Sicherheitsschlüssel, Touch ID, Windows Hello und Smartwatches zu nutzen.
heylogin funktioniert automatisch mit allen Webseiten ohne weitere Schritte. Wir bieten eine Erweiterung für Chrome, Firefox, Safari und Edge an.
heylogin funktioniert automatisch mit allen Webseiten ohne weitere Schritte. Wir bieten eine Erweiterung für Chrome, Firefox, Safari und Edge an.
Openness as a basic principle. No blind trust.
Zero-knowledge service
- Documented: 30-page security whitepaper.
- Zero-knowledge service: We know nothing about your logins.
Audited
compliance
- ISO 27001: Company
security certified - Continuously tested: Development & infrastructure.
.png)
Data protection
in practice
- Made in Germany: Developed and hosted in Germany.
- GDPR compliant: Data processing in the EU.
Clear business model
- B2B business model: Without advertising revenue.
- Investors: German Business Angels & Mozilla Ventures.
Login solutions in comparison
Central access management
Automatic synchronization
2-factor security
Password sharing in a team
Works with all websites
Confirmation with the smartphone
Protected by security chip
Password-free: no master password
Hosting & development in Germany
Monthly costs
System Solution
1
3
Vendor lock-in
Single Sign-On (SSO)
.png)
5
~6 € / user
+ Software cost increases due to upgrade to Enterprise plans (only those supporting SSO)
Legacy Password Manager
2
4
~5 € / user
~5 € / user
Zentrales Zugriffsmanagement
Automatische Synchronisation
2-Faktor-Sicherheit
Passwort-Sharing im Team
Funktioniert mit allen Webseiten
Bestätigung mit dem Smartphone
Geschützt durch Sicherheitschip
Passwortfrei: kein Master-Passwort
Hosting & Development in Germany
Monatliche Kosten
~5 € · 70 Nutzer
350,00 €
VS.
Passwort-Manager
2
4
~6 € · 70 Nutzer
420,00 €
Single Sign-On
5
~6 € · 70 Nutzer
+ Kosten der Webdienste · ~200% · 70 Nutzer
Kostensteigerung aller Webdienste durch Enterprise-Upgrades Mehr Details zu den Kosten auf www.sso.tax
System-Lösung
1
3
Vendor lock-in
1) System solutions were primarily developed for individual users and not for user management in the company
2) Dashlane and LastPass only synchronize with a delay or when updating via button. KeePass must be synchronized manually.
3) 2-factor security in system solutions is either not available or only works if the provider's smartphones are also used
4) Conventional password managers are only protected with a master password (knowledge) by default. Factors of possession and biometrics are optional and lead to a poorer user experience
5) SSO solutions are only password-free if configured correctly or if modern solutions (e.g. Hypr) are used*All prices shown exclude VAT.
2) Dashlane and LastPass only synchronize with a delay or when updating via button. KeePass must be synchronized manually.
3) 2-factor security in system solutions is either not available or only works if the provider's smartphones are also used
4) Conventional password managers are only protected with a master password (knowledge) by default. Factors of possession and biometrics are optional and lead to a poorer user experience
5) SSO solutions are only password-free if configured correctly or if modern solutions (e.g. Hypr) are used*All prices shown exclude VAT.
Start now with heylogin
